Show filters
8 Total Results
Displaying 1-8 of 8
Sort by:
Attacker Value
Unknown
CVE-2024-8497
Disclosure Date: September 25, 2024 (last updated February 26, 2025)
Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 possess a file that can be read arbitrarily that could allow an attacker obtain administrator credentials.
0
Attacker Value
Unknown
CVE-2023-5846
Disclosure Date: November 02, 2023 (last updated February 25, 2025)
Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers decoding admin credentials, resulting in unauthenticated access to the device.
0
Attacker Value
Unknown
CVE-2021-46421
Disclosure Date: April 27, 2022 (last updated February 23, 2025)
Franklin Fueling Systems FFS T5 Series 1.8.7.7299 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information.
0
Attacker Value
Unknown
CVE-2021-46420
Disclosure Date: April 27, 2022 (last updated February 23, 2025)
Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information.
0
Attacker Value
Unknown
CVE-2017-6565
Disclosure Date: May 01, 2017 (last updated February 15, 2024)
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. As no sanitization checks are in place, an attacker can upload a malicious payload.
0
Attacker Value
Unknown
CVE-2017-6564
Disclosure Date: May 01, 2017 (last updated February 15, 2024)
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an attacker to download sensitive system files from the host machine such as databases which contain information that can aid in further attacks.
0
Attacker Value
Unknown
CVE-2013-7247
Disclosure Date: January 26, 2014 (last updated October 05, 2023)
cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 allows remote attackers to discover sensitive information (user names and password hashes) via the cmdWebGetConfiguration action in a TSA_REQUEST.
0
Attacker Value
Unknown
CVE-2013-7248
Disclosure Date: January 26, 2014 (last updated October 05, 2023)
Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using a cmdWebCheckRole action in a TSA_REQUEST.
0